UNHCR shared Rohingya biometric data ‘without consent’

The UNHCR improperly gathered personal information and biometrics from ethnic Rohingya refugees and shared it with Bangladesh, which subsequently shared it with Myanmar for its considerations for possible repatriation, reports Human Rights Watch (HRW).

The refugee agency did not carry out a data impact assessment for its data handling, breaching its own policies, and failed to attain informed consent from the refugees that would allow the biometrics and other data to be shared with the country they had fled, according to the report.

The UNHCR has denied any wrongdoing and claims to have explained the purpose of the data collection and that no Rohingya were put at risk. HRW notes that the Myanmar government is still carrying out crimes against humanity and persecution against its Rohingya population.

Research and interviews carried out by HRW with refugees and observers in the field found that of the 24 refugees interviewed, all but one said that UNHCR staff had told them that they had to register for the camps’ Smart Cards to access aid, but did not mention the potential sharing of data with Myanmar or how it might form part of an assessment for repatriation.

The Smart Card system was an initiative of the Bangladesh government to issue refugees with an identity card and was supplementary to the UNHCR’s previous registrations. The agency worked with the Bangladesh authorities on an exercise to link its data with that gathered by Bangladesh via previous registration efforts. According to HRW, the government sought to collate the personal data collected by UNHCR to send to Myanmar for repatriation assessments.

Of the 23 refugees interviewed who recounted similar notifications, three said they were told after they had given their data that it might be used for repatriation and one said he only noticed after registering that on his printed receipt it said in English that the ‘yes’ box was ticked for consenting to share his data with Myanmar. He said this had not been the case. He was one of only three refugees interviewed able to read English.

HRW reports that UNHCR staff had been publicly stating, for example on community radio, that the data collected was not linked to repatriation and that Rohingya refugees had staged protests in the camps over fears that the data could be used for forced returns.

HRW also interviewed 21 refugees from the list of names verified by Myanmar for repatriation. Twelve had been added to repatriation assessment lists in 2019, based on the data collected by UNHCR. The 21 said that when they learnt that data had been shared and their names were on verified repatriation lists, they went into hiding.

Data collection and the capturing of biometrics in the humanitarian sector are coming under increasing scrutiny. Just days before the HRW report, the Red Cross and a consortium of agencies released a handbook for humanitarian actors to improve protections for refugees and migrants who are registered for biometric and digital ID schemes and to develop ways for registrants to give informed consent.

Article Topics

Bangladesh  |  biometric data  |  biometrics  |  data protection  |  data sharing  |  humanitarian  |  identity management  |  Myanmar  |  refugee registration  |  social security  |  United Nations